A Guide to the US FDA Safety Requirements for Pharmacovigilance

A Guide to the US FDA Safety Requirements for Pharmacovigilance

July 31, 2019

To ensure a smooth transition from the pre-authorisation to the post-authorisation phase of the life-cycle of a medicinal product, it is the responsibility of the applicant to have in place a robust Pharmacovigilance (PV) system for monitoring patient safety once the product has received FDA approval. During clinical trials, patient exposure is limited and closely monitored, and there are very specific criteria for patients who are eligible to take part in the study. However, once the product is on the market and more widely available, patient exposure is much more widespread and patients may experience adverse reactions (ARs) or adverse drug experiences (ADEs) that have not been observed previously in a clinical trial setting.


This blog will highlight the US post-authorisation regulatory requirements that the license holder must adhere to maintain compliance with the FDA. The US FDA is the regulatory body responsible for ensuring that medicinal products (including biological, vaccines and over the counter (OTC) drugs and medical devices) are safe and effective for human use.  The law governing this area is the Federal Food, Drug and Cosmetic Act (FDCA) and the FDA Code of Federal Regulations (CFR) Title 21 outlines the requirements for drugs and medical devices for human use and is divided into several subchapters. The legislative framework and requirements of the FDA are implemented at a federal level and individual states must adhere to this. 

The Center for Drug Evaluation and Research (CDER) is the division of the FDA responsible for the approval and regulation of most drugs for human use. The Center for Biologics Evaluation and Research (CBER) is responsible for the approval and regulation of biological products for human use. The Center for Devices and Radiological Health (CDRH) is responsible for the approval and regulation of medical devices for human use.

Essentially, since the US is a founding member of the International Conference for Harmonisation of Technical Requirements for Human Use (ICH), it adheres to the ICH guidelines.  Unlike the European Union (EU), in the US, there is no requirement for or equivalent of a Qualified Person for Pharmacovigilance (QPPV) or Pharmacovigilance System Master File (PSMF), however, the license holder must be able to demonstrate that they have robust PV systems and written procedures in place, including the following which will be discussed further in this blog:

  • Individual Case Safety Reports (ICSRs) safety reporting requirements
  • Periodic Reports safety reporting requirements
  • Risk Evaluation and Mitigation Strategy (REMS)


ICSR Safety Reporting Requirements

Once a medicinal product has received a new drug application (NDA), abbreviated new drug application (ANDA)[1] or biologic license application (BLA) approval, the license holder must report all ADEs from all sources to the FDA, regardless of whether the medicinal product is marketed. The FDA Adverse Event Reporting System (FAERS) is the database that collates all AR reports, including information on pregnancies, abuse, misuse, medication errors and quality complaints. This database is instrumental in the FDA’s post authorisation monitoring and surveillance of medicinal products. Both the CDER and CBER evaluate the safety data in the database to ensure that medicinal products for human use remain safe and efficacious for patients.  Any potential safety signals that are identified are further investigated. The Vaccine Adverse Reporting System (VAERs) is the database used to collect adverse reactions associated with vaccines.

It is a requirement that reports from the medical and scientific literature are also collected and reported. The FDA does not specify a requirement for the frequency of searches (as in the EU which specifically states no less than weekly for ICSRs), however, it is implicit that any serious reports (and other reports in accordance with product specific considerations) must be submitted within 15 calendar days.

Regulatory requirements for expedited reporting of serious ICSRs are the same as in other ICH regions where reports must be submitted within 15 calendar days. Generally foreign reports of medicinal products having the same active moiety as a marketed product in the US that are considered to be serious and expected must be reported. There is currently no requirement to submit non-serious ICSRs to the FDA. One subtle but significant distinction between the requirements for expedited reporting to the US vs other countries/regions is that regarding ICSR validity. In EU for example, it is necessary to have a patient identifier such as gender, age or age group, etc. (in addition to an identifiable reporter, suspect product and suspected AR). However, for US reporting, it is enough that a report contains information suggestive of the existence of an individual patient.  The license holder must ensure that is has adequate written procedures in place that demonstrate that the following PV activities are being performed:

  • Surveillance (e.g. monitoring of all sources of ADE data)
  • Receipt (e.g. processing of ADE data)
  • Evaluation
  • Reporting (e.g. 15 day reports, periodic reports)

ICSRs should be submitted electronically via the Electronic Submission Gateway (ESG).

Periodic Report Safety Reporting Requirements

A Periodic Adverse Experience Report (PADER) should be submitted quarterly for the first three years after the US approval date and annually thereafter. The PADER should be a descriptive summary and evaluation of the safety data received during the reporting interval and should be submitted electronically as an attachment to the electronic Common Technical Document (eCTD). As with any periodic report, it should continually evaluate the risk benefit profile of the medicinal product to ensure that it is still safe and efficacious for patients. Any new or potential safety issues identified should be investigated further. In addition, non-expedited ICSRs should be submitted at (or before) the time of submission of the descriptive portion of the PADER to FAERS via the ESG.

The license holder can apply for a waiver to substitute the Periodic Benefit Risk Evaluation Report (PBRER) for the PADER in order to harmonise its internal periodic reporting requirements with that of other countries. 

Risk Management and Minimisation Strategies

The FDAs Risk Evaluation and Minimisation Strategies (REMS) programme is designed to ensure that medicinal products approved for human use continue to be used safely and the benefits associated with them outweigh the risks. Not all products will require a REMS but the FDA maintains a list of all approved REMS, which outline any additional safety monitoring measures to be implemented by the license holder. The key goal is to prevent and/or minimise risks associated with a product and to reinforce additional safety monitoring activities that can help manage the risk. Examples of additional actions may include:

  • Educational materials such as medication guides
  • Communication plan informing health care providers and patients
  • Additional monitoring requirements while the drug is being administered

Explore how QVigilance set up a fully compliant PV and MI system   for MendeliKABS, a biopharma with headquarters in North America


This blog provides a brief overview of some of the key requirements for establishing a PV system in support of authorised products within the US. The FDA have developed a series of Guidances for Industry, however, these are not legally binding documents and merely highlight the FDA’s current thinking. Establishing a PV system can be a complex, resource and time intensive and costly endeavour. Increasingly, many companies choose to out-source part or all of the PV activities to third-party PV service providers. While this can enable faster set-up and reduced costs, the license holder retains the ultimate responsibility for all the PV activities and the safety of their products. If third party providers or business partners are involved in the collection, handling or reporting of safety information, the license holder must ensure that there are Safety Data Exchange Agreements (SDEAs) or PV agreements and contractual agreements in place.

[1] An ANDA can be submitted when the medicinal product is a generic drug product that has proven bioequivalence to the innovator drug and could provide a low-cost alternative for the patient.

QVigilance Team
QVigilance Team

Our aim is to provide information and support through articles and updates written by our experienced team. We want to share our knowledge and create an archive of information that you will be able to engage with, share and comment on.

Leave your comments here